
explicitly checkout ${{ github.ref }} when doing a release #1473


Workflow file for this run

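---
# Test workflow: runs on pushes to master and on every pull request.
name: Test

on:
  push:
    branches:
      - master
  pull_request:

# Least privilege for GITHUB_TOKEN. Without this key the token falls back to
# the repository/organisation default, which may be read/write on push events.
# No step visible in this workflow writes to the repository through the token.
# NOTE(review): confirm the project scripts it calls (setup-environment, forge,
# foremanctl) do not need more than read access.
permissions:
  contents: read

# One live run per ref and workflow: a newer run on the same ref cancels the
# run that is still in progress.
concurrency:
  group: ${{ github.ref_name }}-${{ github.workflow }}
  cancel-in-progress: true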
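jobs:
  # Lints the Ansible content in src/ and development/.
  ansible-lint:
    name: Ansible Lint
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          # Nothing after checkout pushes or fetches with the token, so do not
          # leave it on disk for later steps to read.
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v6
        with:
          python-version: '3.12'
      # NOTE(review): `@main` is a moving branch, so upstream changes take
      # effect here without review. Prefer a release tag or, better, a full
      # commit SHA.
      - name: Run ansible-lint on src
        uses: ansible/ansible-lint@main
        with:
          requirements_file: requirements.yml
          working_directory: src
          setup_python: false
      - name: Run ansible-lint on development
        uses: ansible/ansible-lint@main
        with:
          requirements_file: requirements.yml
          working_directory: development
          setup_python: false

  # Full deployment test in Vagrant VMs, once per matrix combination.
  tests:
    strategy:
      fail-fast: false
      matrix:
        certificate_source:
          - default
          - installer
        security:
          - none
        database:
          - internal
        # Extra combinations on top of the cross product above.
        include:
          - certificate_source: default
            security: fapolicyd
            database: internal
          - certificate_source: default
            security: none
            database: external
    runs-on: ubuntu-24.04
    name: "Tests (certificate source: ${{ matrix.certificate_source }}, database: ${{ matrix.database }}, security mode: ${{ matrix.security }})"
    # The ${{ matrix.* }} values expanded inside `run:` scripts below are
    # constants defined in this file. If a value ever comes from event data
    # (branch names, PR titles, inputs), pass it through `env:` instead of
    # expanding it into the script text.
    steps:
      - uses: actions/checkout@v6
        with:
          # See ansible-lint job: the token is not needed after checkout.
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v6
        with:
          python-version: '3.12'
      # NOTE(review): third-party action referenced by a mutable tag; pin to a
      # full commit SHA to make the dependency immutable.
      - name: Setup libvirt for Vagrant
        uses: voxpupuli/setup-vagrant@v0
      # NOTE(review): unpinned install; each run takes whatever ansible-core
      # release is newest. Consider a constraints file or explicit version.
      - name: Install Ansible
        run: pip install --upgrade ansible-core
      - name: Setup environment
        run: ./setup-environment
      # The `database` VM is only started for the external-database variant.
      - name: Start VMs
        run: |
          ./forge vms start --vms "quadlet client ${{ matrix.database == 'external' && 'database' || '' }}"
      - name: Configure remote-database
        if: matrix.database == 'external'
        run: |
          ./forge remote-database
      - name: Configure repositories
        run: |
          ./forge setup-repositories
      - name: Create installer certificates
        if: contains(matrix.certificate_source, 'installer')
        run: |
          ./forge installer-certs
      - name: Setup security mode ${{ matrix.security }}
        if: matrix.security != 'none'
        run: |
          ./forge security --mode ${{ matrix.security }}
      # Appends two allow rules to the fapolicyd rule set inside the test VM
      # and restarts the daemon so they take effect. Both rules use
      # `perm=any`; they are workarounds for the issues linked below.
      - name: Apply fapolicyd workarounds
        # https://access.redhat.com/solutions/7072618 / https://issues.redhat.com/browse/RHEL-37912
        # https://github.com/theforeman/foreman-fapolicyd/blob/develop/15-foreman-container.rules
        if: matrix.security == 'fapolicyd'
        run: |
          vagrant ssh --command "echo 'allow perm=any pattern=ld_so exe=/usr/bin/crun : path=/usr/lib64/libsystemd.so.0' | sudo tee -a /etc/fapolicyd/rules.d/15-foremanctl.rules" quadlet
          vagrant ssh --command "echo 'allow perm=any all : dir=/home/vagrant/.ansible/tmp/' | sudo tee -a /etc/fapolicyd/rules.d/15-foremanctl.rules" quadlet
          vagrant ssh quadlet -- sudo systemctl restart fapolicyd
      - name: Run image pull
        run: |
          ./foremanctl pull-images
      # `changeme` is a fixed admin password for the CI deployment only.
      - name: Run deployment
        run: |
          ./foremanctl deploy --certificate-source=${{ matrix.certificate_source }} ${{ matrix.database == 'external' && '--database-mode=external --database-host=database.example.com' || '' }} --foreman-initial-admin-password=changeme
      - name: Add optional feature - hammer
        run: |
          ./foremanctl deploy --add-feature hammer
      - name: Add optional feature - foreman-proxy
        run: |
          ./foremanctl deploy --add-feature foreman-proxy
      - name: Add optional feature - foreman_azure_rm and foreman_google
        run: |
          ./foremanctl deploy --add-feature foreman_azure_rm --add-feature foreman_google
      - name: Run tests
        run: |
          ./forge test --pytest-args="--certificate-source=${{ matrix.certificate_source }} --database-mode=${{ matrix.database }}"
      - name: Run smoker
        run: |
          ./forge smoker
      # The always() steps below collect diagnostics even when a step failed.
      # NOTE(review): anyone with read access to the run can download these
      # artifacts; sos reports can carry host configuration and logs, so check
      # that they are scrubbed of credentials.
      - name: Archive smoker report
        if: ${{ always() }}
        uses: actions/upload-artifact@v5
        with:
          name: smoker-${{ matrix.certificate_source }}-${{ matrix.security }}-${{ matrix.database }}
          path: "/home/runner/smoker/report/"
      - name: Generate sos reports
        if: ${{ always() }}
        run: ./forge sos
      - name: Archive sos reports
        if: ${{ always() }}
        uses: actions/upload-artifact@v5
        with:
          name: sosreport-${{ matrix.certificate_source }}-${{ matrix.security }}-${{ matrix.database }}
          path: sos/
      # Debug shell on the runner, only after a failure.
      # NOTE(review): on pull_request runs the actor is the PR author, who can
      # then read everything on the runner. Keep secrets out of this job and
      # pin this third-party action to a full commit SHA.
      - name: Setup upterm session
        if: ${{ failure() }}
        uses: owenthereal/action-upterm@v1
        with:
          # limits ssh access and adds the ssh public key for the user which triggered the workflow
          limit-access-to-actor: true
          # If no one connects after 5 minutes, shut down server.
          wait-timeout-minutes: 5

  # Development-mode deployment with the foreman_ansible plugin enabled.
  devel-tests:
    strategy:
      fail-fast: false
    runs-on: ubuntu-24.04
    steps:
      - uses: actions/checkout@v6
        with:
          # See ansible-lint job: the token is not needed after checkout.
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v6
        with:
          python-version: '3.12'
      # NOTE(review): mutable tag on a third-party action; pin to a commit SHA.
      - name: Setup libvirt for Vagrant
        uses: voxpupuli/setup-vagrant@v0
      # NOTE(review): unpinned install, see the tests job.
      - name: Install Ansible
        run: pip install --upgrade ansible-core
      - name: Setup environment
        run: ./setup-environment
      - name: Start VMs
        run: |
          ./forge vms start
      - name: Configure repositories
        run: |
          ./forge setup-repositories
      - name: Run deployment
        run: |
          ./forge deploy-dev --foreman-development-enabled-plugin foreman_ansible
      # Debug shell on failure; same exposure as noted in the tests job.
      - name: Setup upterm session
        if: ${{ failure() }}
        uses: owenthereal/action-upterm@v1
        with:
          # limits ssh access and adds the ssh public key for the user which triggered the workflow
          limit-access-to-actor: true
          # If no one connects after 5 minutes, shut down server.
          wait-timeout-minutes: 5

  # Deploys the `upgrade_from` stream, then redeploys on `upgrade_to` and tests.
  upgrade:
    strategy:
      fail-fast: false
      matrix:
        upgrade_from:
          - '3.16'
        upgrade_to:
          - 'nightly'
    runs-on: ubuntu-24.04
    steps:
      - uses: actions/checkout@v6
        with:
          # See ansible-lint job: the token is not needed after checkout.
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v6
        with:
          python-version: '3.12'
      # NOTE(review): mutable tag on a third-party action; pin to a commit SHA.
      - name: Setup libvirt for Vagrant
        uses: voxpupuli/setup-vagrant@v0
      # NOTE(review): unpinned install, see the tests job.
      - name: Install Ansible
        run: pip install --upgrade ansible-core
      - name: Setup environment
        run: ./setup-environment
      - name: Start VMs
        run: |
          ./forge vms start
      - name: Configure repositories
        run: |
          ./forge setup-repositories
      # Rewrites container_tag_stream in src/vars/images.yml to the base version.
      - name: Configure base version
        run: |
          sed -i '/container_tag_stream:/ s/:.*/: "${{ matrix.upgrade_from }}"/' src/vars/images.yml
      - name: Run image pull
        run: |
          ./foremanctl pull-images
      # `changeme` is a fixed admin password for the CI deployment only.
      - name: Run deployment
        run: |
          ./foremanctl deploy --foreman-initial-admin-password=changeme
      - name: Add optional feature - hammer
        run: |
          ./foremanctl deploy --add-feature hammer
      - name: Add optional feature - foreman-proxy
        run: |
          ./foremanctl deploy --add-feature foreman-proxy
      - name: Add optional feature - foreman_azure_rm and foreman_google
        run: |
          ./foremanctl deploy --add-feature foreman_azure_rm --add-feature foreman_google
      # Written on one line: the original put the command on the line after a
      # bare `run:`, which parses as the same string but is easy to misread.
      - name: Stop services
        run: vagrant ssh quadlet -- sudo systemctl stop foreman.target
      # Same rewrite as above, now to the target version.
      - name: Configure upgrade version
        run: |
          sed -i '/container_tag_stream:/ s/:.*/: "${{ matrix.upgrade_to }}"/' src/vars/images.yml
      - name: Run image pull
        run: |
          ./foremanctl pull-images
      - name: Run deployment
        run: |
          ./foremanctl deploy
      - name: Run tests
        run: |
          ./forge test
      # Diagnostics are collected even on failure; same artifact caveat as in
      # the tests job.
      - name: Generate sos reports
        if: ${{ always() }}
        run: ./forge sos
      - name: Archive sos reports
        if: ${{ always() }}
        uses: actions/upload-artifact@v5
        with:
          name: sosreport-upgrade
          path: sos/
      # Debug shell on failure; same exposure as noted in the tests job.
      - name: Setup upterm session
        if: ${{ failure() }}
        uses: owenthereal/action-upterm@v1
        with:
          # limits ssh access and adds the ssh public key for the user which triggered the workflow
          limit-access-to-actor: true
          # If no one connects after 5 minutes, shut down server.
          wait-timeout-minutes: 5

  # A dummy job that you can mark as a required check instead of each individual test
  test-suite:
    # always() makes this job run even when a needed job failed, so the
    # required check reports a failure.
    if: always()
    needs:
      - tests
      - devel-tests
      - upgrade
      - ansible-lint
    runs-on: ubuntu-latest
    name: Test suite
    steps:
      # NOTE(review): `release/v1` is a branch ref on a third-party action;
      # pin to a full commit SHA if the gate must be tamper-resistant.
      - name: Decide whether the needed jobs succeeded or failed
        uses: re-actors/alls-green@release/v1
        with:
          jobs: ${{ toJSON(needs) }}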